New Cost Announcements Suggest Few Companies Actually Retaining Metadata Yet

Words by Jonathon Davidson

The cost of storing every Australian’s data for 2 years has come out at $128 million, spread across 180 different companies. This does now confirm the total number of ISPs who were affected by the legislation, and confirms that small providers won’t be completely phased out of the game.

But, these announcements have come out fairly late. In April this year, it broke that Telecommunications companies were still “in the dark” over how much money they would be receiving for the appropriate establishment of equipment required to store customer data for a two year period.

The $128m package announced today requires that ISPs agree on a funding policy contract, wherein 50% of the grant will be given upfront upon signing – the other 50% will come after companies “complete reporting requirements.”

Because ISPs have not yet received any money, one is tempted to wonder about whether or not any companies actually started retaining metadata at all following the announcement in October 2015 that it was now law to do so. The wording attached to the grant provisions sure seems to reflect that work is yet to begin.

Given profit intake, one can assume that Telstra, Optus and Vodafone likely had the capacity to begin storing excess data at the drop of the hat, but the capabilities of the majority – that is, small-scale service providers far from attracting customers nation wide – are far more questionable.

It’s plausible that without this boost of financial assistance, many small scale ‘telcos’ were simply unable to retain data, and have not been doing so. Companies have been stranded without help for over a year now. However, the CEO of Internet Australia has told tech journalists that metadata legislation left ISPs to carry the burden of cost without knowing what they’d get back, so there are suggestions that many small-scale ISPs have hauled themselves onto the bandwagon.

While things remain unclear and largely speculative – this is the largest announcement in 11 months – there’s the added factor of the impending deadline – we’ve got less than a year of the metadata retention trial to go, seeing as the trial period is set to end in August 2017.

Of course, that didn’t stop 60 agencies in Australia from applying for warrantless access to metadata databases, most of them not involved with national security at all.

An official document has been released by the Attorney-General’s department which lists the exact cut each of the 180 ISPs are receiving.

Metadata has come back into the light recently following the Nauru Files, and more importantly, the eerie lack of official response (beyond that which came from Peter Dutton, predictably). Some have suggested that the Nauru Files incident might be the first time we see provisions surrounding journalists’ personal data acted upon under the legislation – namely, the “Journalist Information Warrant scheme.”

There is the ulterior issue of George Brandis having been ordered to check himself before he wrecks himself and “reconsider” an FOI application requesting access to George Brandis’s diary.

FOI requests are routinely rejected on the grounds that finding requested information would take too long to find, only to be overturned by courts who routinely judge that no, actually, they wouldn’t. That is exactly what a Federal Court in Sydney found today, ruling against the Attorney General’s departmental decision to block an FOI request from Labor’s Mark Dreyfus. Back to FOI rejections, this podcast talks a lot about that, it’s a good one. So does this one. Alternatively, read about it here.